Since i never didnt saw any security information or updates, i didnt update our site because its was littlebit too much modified. Im pretty sure that it was mostly just translation and layout and something connected that, but i will check anyway later what i modified. Don't really remember anymore.

http://www.apphp.com/php-hotel-site/ind ... =changelog this is not saying anything about security so i was thinking that it would be quite safe... suddenly, today morning our web page was closed because of hacking. Didnt yet get any additional information, was it sending spam or how they figured it out, they didnt answer yet.

And i found a few intresting files from our public_html folder, we dont have anything else than hotel site installed so it can be only injected from hotel site. And virtual hosts are isolated from each other.

I know, our version is ancient. Hotel Site version 3.6.1 with Jaune 2.0.8. Template. We bought 2.3.2 about 4 years ago and I updated it later.

But my question is. Because this old hotel site seems not be secure, but are this fixed in newer version? Since i couldnt find any information anywhere and because newest version is anyway likely 1.5 years old too....

And instead of buying this software, i would be intresting just buying it just as service which i could integrate to own page just like newest version seems offer but it could be much more simplifier version too, just booking, nothing else. Because i would like use other content management system anyway and would not like worry about hotel site installation.

I removed those infected files and replaced modules directory with clean, not really know if that modules directory was even infected. Didnt examine it yet. Hosting operator said that their automated scanner founded malicious files. I really have do reinstall but there is a few problems so didnt do it yet.

Site is now moved to another server and running there, while im trying monitoring logs/file changes and waiting if its happening again, atleast i saw some a few request lately for those infected files (which i removed) but so far nothing happened.

I think it is better to do the following1. Change all the passwords (Check if there are other users so you must delete them.) 2. Also change the logins to the database (The data shown in config files). 3. Erases all files, ALL, and upload an old backup. On this backup put the new codes for the database.

My website was also hacked and the same issue...It doesn't help to change the password and the files, it must be a a vulnerability of the script and the hacker will continue event after clean install...The admin may find a solution before all the websites are infected...